Re: [Webware-discuss] Thoughts on UserKit...

On Sat, 2003-03-01 at 11:59, Matt Feifarek wrote:
> >I don't think it should be part of a separate SecurePage class, because
> >everyone adds this functionality to their application eventually.
> >
> I can't agree with that. Only a portion of our Webware applications
> require security; most of the servlets we run are for publicly available
> sites, and security just isn't necessary. It should definitely be optional.
Certainly the security should be optional, but I don't see any reason
why the hooks have to be in a separate class. I'd either expect there
to be a method (like .secure()) that would tell if the page should
require a login, but probably better would be if you raise a particular
exception at any point you'll get a login.
There wouldn't be any overhead if you didn't use it, but it would be
there when you needed it. It also doesn't force you to make a page
public or not public -- a page could be public sometimes and private
others. The SecurePage style doesn't allow that, and I don't really see
any benefits to SecurePage (besides simplifying Page, but I don't think
that's a big deal).
Ian